Security flaw hits Internet Explorer and Firefox


Security flaw hits Internet Explorer and Firefox

Antony Savvas

Two new security flaws have been discovered in Microsoft's Internet Explorer browser, and one of them may also affect its open source rival, Firefox.

Exploit code for the flaws had already been published on the internet, said the SANS Internet Storm Center security research website, although it added that so far no attacks had been launched using this code.

Attackers can take advantage of the IE and Firefox flaw by using cross-site scripting. The technique enables hackers to view the contents of an open window from a second window open on the user's system. The data can then be stolen.

The number of security flaws that affect both IE and Firefox is slowly rising, as Firefox gains in popularity.

Rogue code writers see Firefox as an increasingly attractive target now that it has more than 10% market share. IE has around 85% of the browser market

The second IE flaw is related to the way certain applications are processed. A user could be tricked into double-clicking on a malicious file, and remote code executed by remote attackers, who could take over the system.

Both Microsoft and Mozilla Foundation are considering issuing patches for the reported problems.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy